Commit graph

121 commits

Author SHA1 Message Date
Roman Khavronenko
4c854c3ae2
security: bump go version from 1.20.6 to 1.20.7 (#4773)
The update includes a security fix to the crypto/tls package,
as well as bug fixes to the assembler and the compiler.

See the list of issues addressed in Go1.20.7 here:
https://github.com/golang/go/issues?q=milestone%3AGo1.20.7+label%3ACherryPickApproved

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-08-03 11:48:37 +02:00
hagen1778
7fc34aa1e6
dependabot: return schedule field as it breaks validation on github side
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-07-27 15:03:00 +02:00
Roman Khavronenko
1a864b60c2
dependabot: disable version update for packages (#4684)
The change disables version updates for repo packages.
Please note, security updates should not be affected by the change
according to https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit:

```
open-pull-requests-limit
By default, Dependabot opens a maximum of five pull requests for version updates. Once there are five open pull requests from Dependabot, Dependabot will not open any new requests until some of those open requests are merged or closed.

This option has no impact on security updates, which have a separate, internal limit of ten open pull requests.
```

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-07-21 11:08:06 +02:00
Artem Navoiev
305b305743
githubaciton: sync-docs change set output code as current one will be deprecated soon
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 12:19:37 +02:00
Artem Navoiev
ae1aa12c79 Update .github/workflows/sync-docs.yml
Co-authored-by: Max Golionko <8kirk8@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
00633d42ab enable only when changes in docs
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
193dce2e96 moar debug
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
67c258315e fix path to main repo
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
758acdbf67 more debug
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
dc744942e6 move debug
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
b93c4d0b09 remove env
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
86d5b8f3a3 debug workflow1
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
ce10258897 add workdir to gpg step
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Artem Navoiev
a58ec9ba4f add job to sync the docs
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-07-14 02:36:47 -07:00
Aliaksandr Valialkin
30cdcc751d
all: update Go builder from 1.20.5 to 1.20.6
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.6+label%3ACherryPickApproved
2023-07-12 00:59:59 -07:00
Max Golionko
759a20d374
ci: fix sandbox update job (#4549)
Prevent sandbox deploy job run if tag name is empty.
2023-07-07 11:49:25 +02:00
Max Golionko
d4099a75be
CI: disable docker scan, enable auto release to sandbox (#4476)
* disable docker scan

* disable nightly, enable auto release to sandbox

* remove whitespace
2023-06-30 13:45:45 +02:00
Roman Khavronenko
476c7bdd6f
all: update Go builder from Go1.20.4 to Go1.20.5 (#4427)
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.5+label%3ACherryPickApproved

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-06-09 09:42:55 +02:00
Aliaksandr Valialkin
1b288e0a05
all: update Go builder from Go1.20.3 to Go1.20.4
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved
2023-05-08 09:40:55 -07:00
Aliaksandr Valialkin
5074cc672a
all: update Go builder from Go1.20.2 to Go1.20.3
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.3+label%3ACherryPickApproved
2023-04-05 13:37:22 -07:00
dependabot[bot]
cc67eb4ff3
build(deps): bump actions/setup-go from 3 to 4 (#3962)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-20 09:23:24 +01:00
Roman Khavronenko
3de7fc5c71
security: bump go version to 1.20.2 (#3935)
upgrade Go builder from Go1.20.1 to Go1.20.2
See the list of issues addressed in Go1.20.2 here (https://github.com/golang/go/issues?q=milestone%3AGo1.20.2+label%3ACherryPickApproved).

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-03-09 13:20:54 +01:00
Roman Khavronenko
a0cbef1c46
github: fix validation errors (#3903)
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-03-03 16:28:47 +01:00
Roman Khavronenko
0d8f80ce90
github: add a Question issue type (#3901)
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-03-03 16:11:06 +01:00
Aliaksandr Valialkin
06854738b6
.github/workflows/check-licenses.yml: use the correct version of Go - 1.20.1 - instead of 1.21.0 2023-02-27 19:25:13 -08:00
Aliaksandr Valialkin
11ce30820b
all: update Go builder from Go1.20.0 to Go1.20.1
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.1+label%3ACherryPickApproved
2023-02-14 23:05:16 -08:00
Aliaksandr Valialkin
035a2b5ed5
all: skip issues with low severity at docker scan 2023-02-09 14:25:13 -08:00
Max Golionko
6495b62866
bump go to 1.20 in ci jobs (#3787) 2023-02-08 14:32:42 +01:00
Max Golionko
6f24fa2055
CI: speedup build by 2.4x. restore nightly build (#3772)
* setup docker buildx
* add snyk integration
* add go cache for docker build
* cancel redundant job if there is new commit into same PR or branch
2023-02-07 10:12:16 +08:00
Max Golionko
df1e545c0e
disable codeql for docs. merge build and test back to one job (#3746) 2023-02-02 20:59:08 +08:00
Max Golionko
e8554cd1cb
ci: checkout correct branch for build step (#3676) 2023-01-19 08:34:20 +01:00
Aliaksandr Valialkin
9c62391a5c
.github/workflows: remove obsolete make targets: install-goling and install-errcheck
These targets became obsolete after ec2c82e800
2023-01-18 11:48:29 -08:00
Max Golionko
59b97f26c0
CI: split js and go codeql, split test and build, enable matrix for test (#3670)
* split js and go codeql, split test and build, enable matrix for test

* checkout before go setup

* enable build for PRs as well

* update filter
2023-01-18 11:42:27 -08:00
Roman Khavronenko
5cb8ce8174
ci: disable JS codeQL check (#3659)
We have limited amount of time used by Github CI runners
and JS analysis accounts for a half of it.
Since JS represents only a small fraction of the codebase
and is solely maintained by one person - I suggest to disable
the CodeQL check in order to save CI runners time.

Signed-off-by: hagen1778 <roman@victoriametrics.com>

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-01-17 21:05:27 -08:00
Aliaksandr Valialkin
c449714c0a
deployment/docker: update Go builder from v1.19.4 to v1.19.5
See https://github.com/golang/go/issues?q=milestone%3AGo1.19.5+label%3ACherryPickApproved
2023-01-10 18:43:04 -08:00
Denys Holius
043b28c725
.github/workflows/nightly-build.yml: added dockerhub login (#3594) 2023-01-05 16:54:14 +01:00
Roman Khavronenko
63bf583b3c
github: rm plaintext render (#3597)
`render: plain text` makes fields not formattable and prevents
 from pasting screenshots.

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-01-04 14:48:17 +01:00
Zakhar Bessarab
59f20c1034
github: use github templates for filling in feature requests or bug reports (#3587)
github: use github templates for filling in feature requests or bug reports
2023-01-04 14:34:19 +01:00
Artem Navoiev
0a519c93ef
run checks only for master/cluster branches (#3581)
Signed-off-by: Artem Navoiev <tenmozes@gmail.com>

Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2023-01-03 11:08:44 +04:00
Artem Navoiev
7d9c4bebc0
update links to grafana dashboards (#3534)
docs: update links to grafana dashboards

Signed-off-by: Artem Navoiev <tenmozes@gmail.com>
2022-12-25 17:36:20 +01:00
Michal Kralik
fd53f86c84
build: fix issue with missing docker scan (#3501) 2022-12-19 15:22:45 -08:00
Michal Kralik
07e9322157
build: nightly builds at 2:48am (#3490) 2022-12-16 16:46:24 -08:00
Aliaksandr Valialkin
eeacbaf0b6
all: update Go builder from v1.19.3 to v1.19.4
See https://github.com/golang/go/issues?q=milestone%3AGo1.19.4+label%3ACherryPickApproved
2022-12-08 16:41:24 -08:00
Aliaksandr Valialkin
6183975d45
.github/ISSUE_TEMPLATE/bug_report.md: update the link to troubleshooting docs 2022-12-06 21:11:15 -08:00
Roman Khavronenko
9f8bf524ad
bump go version to 1.19.3 (#3327)
Signed-off-by: hagen1778 <roman@victoriametrics.com>

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-11-08 16:43:59 +01:00
Denys Holius
b4e6460d2f
.github/workflows/codeql-analysis.yml: specifically setting the Go version (#3277)
see https://github.com/github/codeql-action/issues/1059
2022-10-27 10:06:33 +02:00
Aliaksandr Valialkin
b47caa86db
all: update the minimum required Go verson from 1.19.1 to 1.19.2
This is needed because of security vulnerabilities found in Go 1.19.1
See https://go.dev/doc/devel/release#go1.19.2
2022-10-07 22:43:37 +03:00
Roman Khavronenko
efea51a9ee
bump Go version to 1.19.1 (#3108)
The reason is to cover vulnerability GO-2022-0969
Found in: net/http@go1.18.5
Fixed in: net/http@go1.19.1
More info: https://pkg.go.dev/vuln/GO-2022-0969

Signed-off-by: hagen1778 <roman@victoriametrics.com>

Signed-off-by: hagen1778 <roman@victoriametrics.com>
2022-09-14 12:29:19 +02:00
Aliaksandr Valialkin
28b6dec1f4
.github/workflows/main.yml: stop setting GO111MODULE=on env var, since it is unnecessary in Go1.18 and newer versions 2022-09-08 18:41:56 +03:00
Aliaksandr Valialkin
7b8bc8ad59
all: bump the minimum supported version of Go from 1.17 to 1.18
This is needed because some dependencies uses generics, which have been appeared in Go1.18

This is a follow-up for caf3dd4fa2
2022-08-08 13:39:38 +03:00